Jump to content
Not connected, Your IP: 44.203.58.132

Recommended Posts

Hello, im trying to run openvpn with one of the configs on kali, downloaded and added the follow lines the as suggested

Quote

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf


It seems like its connected but when i browse there is no traffic.

This is the log file:

 

root@kali:~# openvpn --config ~/AirVPN2/AirVPN_United-States_UDP-443.ovpn
Sat Nov  3 20:07:29 2018 OpenVPN 2.4.6 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 30 2018
Sat Nov  3 20:07:29 2018 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.08
Sat Nov  3 20:07:29 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Nov  3 20:07:29 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov  3 20:07:29 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov  3 20:07:30 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]199.249.230.36:443
Sat Nov  3 20:07:30 2018 Socket Buffers: R=[163840->163840] S=[163840->163840]
Sat Nov  3 20:07:30 2018 UDP link local: (not bound)
Sat Nov  3 20:07:30 2018 UDP link remote: [AF_INET]199.249.230.36:443
Sat Nov  3 20:07:30 2018 TLS: Initial packet from [AF_INET]199.249.230.36:443, sid=b4424571 0e40c78f
Sat Nov  3 20:07:31 2018 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Sat Nov  3 20:07:31 2018 VERIFY KU OK
Sat Nov  3 20:07:31 2018 Validating certificate extended key usage
Sat Nov  3 20:07:31 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Nov  3 20:07:31 2018 VERIFY EKU OK
Sat Nov  3 20:07:31 2018 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Equuleus, emailAddress=info@airvpn.org
Sat Nov  3 20:07:32 2018 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sat Nov  3 20:07:32 2018 [Equuleus] Peer Connection Initiated with [AF_INET]199.249.230.36:443
Sat Nov  3 20:07:33 2018 SENT CONTROL [Equuleus]: 'PUSH_REQUEST' (status=1)
Sat Nov  3 20:07:34 2018 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway  def1 bypass-dhcp,dhcp-option DNS 10.16.108.1,route-gateway 10.16.108.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.16.108.145 255.255.255.0,peer-id 15,cipher AES-256-GCM'
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: timers and/or timeouts modified
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: compression parms modified
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: --ifconfig/up options modified
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: route options modified
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: route-related options modified
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: peer-id set
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: adjusting link_mtu to 1625
Sat Nov  3 20:07:34 2018 OPTIONS IMPORT: data channel crypto options modified
Sat Nov  3 20:07:34 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Sat Nov  3 20:07:34 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Nov  3 20:07:34 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Nov  3 20:07:34 2018 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=c4:17:fe:5a:c4:a1
Sat Nov  3 20:07:34 2018 TUN/TAP device tun0 opened
Sat Nov  3 20:07:34 2018 TUN/TAP TX queue length set to 100
Sat Nov  3 20:07:34 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Nov  3 20:07:34 2018 /sbin/ip link set dev tun0 up mtu 1500
Sat Nov  3 20:07:34 2018 /sbin/ip addr add dev tun0 10.16.108.145/24 broadcast 10.16.108.255
Sat Nov  3 20:07:34 2018 /etc/openvpn/update-resolv-conf tun0 1500 1553 10.16.108.145 255.255.255.0 init
Sat Nov  3 20:07:39 2018 /sbin/ip route add 199.249.230.36/32 via 192.168.1.1
Sat Nov  3 20:07:39 2018 /sbin/ip route add 0.0.0.0/1 via 10.16.108.1
Sat Nov  3 20:07:39 2018 /sbin/ip route add 128.0.0.0/1 via 10.16.108.1
Sat Nov  3 20:07:39 2018 Initialization Sequence Completed
 

 

cat /etc/resolv.conf

 

# Generated by NetworkManager
nameserver 213.57.22.5
nameserver 213.57.2.5
 

 


ping www.google.com

 

root@kali:~# ping google.com
ping: google.com: Name or service not known
 

 

ping 213.57.22.5

 

 

PING 213.57.22.5 (213.57.22.5) 56(84) bytes of data.
64 bytes from 213.57.22.5: icmp_seq=1 ttl=48 time=515 ms
64 bytes from 213.57.22.5: icmp_seq=2 ttl=48 time=488 ms
64 bytes from 213.57.22.5: icmp_seq=3 ttl=48 time=368 ms
64 bytes from 213.57.22.5: icmp_seq=4 ttl=48 time=363 ms
64 bytes from 213.57.22.5: icmp_seq=5 ttl=48 time=366 ms
64 bytes from 213.57.22.5: icmp_seq=6 ttl=48 time=366 ms
 

It works smoothly on android and windows 8 but i need it on linux.

Thanks

Share this post


Link to post

The user without a clue is told apart from the one who does by looking at how he boots Kali. This sadly is a fact.

Guessed by how you didn't identify the problem and taken steps to try a simple solution I sadly fear it's the former, so before we get to troubleshooting, please for the love of it read the Kali's Should I Use Kali Linux? FAQ entry, especially part two. My biggest apologies if I misinterpreted your text and you really are one of the latter - using it as a Live CD as intended.

 

Now:

You pinged an IP and a DNS address and the DNS address didn't work. Ergo, you've got an internet connection but your configured DNS servers can't be reached. I get timeouts on lookups to the two servers above, they're likely reachable from inside the ISP network only.

Proposal: Use AirDNS at 10.4.0.1. Since resolv.conf was generated by NetworkManager, make the change there, restart the connection, retry OpenVPN. Report.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Certainly you are correct, im a linux noob and thats a fact.

Im using Kali for my primary OS,and its my first distribution because of reasons ,but im learning on the way.

 

I got a solution to my problem and its working now, if there is any other issue i need to fix regarding the service i will post it, please continue doing your FANTASTIC job helping others with your VAST experience.

 

 

 

Mods can close this thread.

 

STAFF EDIT FOR THE READERS:

OP resolved the problem by changing the script update-resolv-conf with update-systemd-resolved - since Kali (as a Debian derivative) now is based on systemd and not systemVinit. To fully understand the reasons please see here:

https://wiki.archlinux.org/index.php/OpenVPN#DNS

Share this post


Link to post

and its my first distribution because of reasons ,but im learning on the way.

 

please continue doing your FANTASTIC job helping others with your VAST experience.

 

I'm not offending you, I'm helping you. That you feel offended is not my problem as I don't breathe to live up to people's expectations. You asked the question and I provided a solution but remarked that you make yourself a shitload of work if you use Kali as a start into the Linux world. After that you are free to ignore any advice from anyone.

 

Anyway, glad it's solved. Welcome to AirVPN.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...